WordPress Plugin Membership Simplified v1.58 – Arbitrary File Download

Today we will discuss poor development practices in wordpress plugins with key focus WordPress Plugin Membership Simplified v1.58 which as of the time of this writing the script is not patched . The vulnerable script is as below: Meta data: Discovery : Larry W Cashdollar  WPVDB ID : 8777 CVE-ID :  CVE-2017-1002008 Dork Standard stuff[…]

Jimmy the troll (unknown)

Download Unknown.ova here (782.44 MB) This CTF was made by Jimmy to test a number of aspects. It was also keen as the previous one on attention to some details. So without further ado, lets get into what made this journey awesome. Know About Thy Target This was the first step and for this I[…]